Presentation is loading. Please wait.

Presentation is loading. Please wait.

Whats New in Fireware XTM v11.3.2. 2WatchGuard Training New Features in Fireware XTM v11.3.2 DHCP release and renew functionality in Web UI and CLI Updated.

Similar presentations


Presentation on theme: "Whats New in Fireware XTM v11.3.2. 2WatchGuard Training New Features in Fireware XTM v11.3.2 DHCP release and renew functionality in Web UI and CLI Updated."— Presentation transcript:

1 Whats New in Fireware XTM v11.3.2

2 2WatchGuard Training New Features in Fireware XTM v DHCP release and renew functionality in Web UI and CLI Updated default Body Content Types rule for Windows EXE/DLL files Updated CLI help text for wireless guest hotspot Ability to add an IP address range or subnet to the SSO Exceptions list Support in Web UI to use a host range or network IP address when you add a Tunnel Address as a member of a policy Ability to edit aliases from within a policy Ability to send a log message when an SMTP command is denied Updated default WebBlocker exception for watchguard.com in Policy Manager

3 3WatchGuard Training DHCP Release and Renew in Web UI and CLI Two new command options have been added to the dhcp command in Interface config mode. These options are available if the interface is configured to get the IP address through DHCP: release renew These options are available in the Web UI on the System Status > Interfaces page New CLI command options: 3WatchGuard Training

4 4 Updated Default Body Content Types Rule New pattern: %0x4d5a% This new pattern successfully identifies a much larger class of executable Windows files, including DOS and OS/2 executables, and non-PE and PE Windows executables. This change applies only to new configurations created in Policy Manager using v or later. The existing configuration on your device does not change when you upgrade from a previous v11.x version. To correct the Body Content Types rule in your existing configuration, go to the Body Content Types category in your HTTP proxy action and edit the Windows EXE/DLL rule. (Note that in Policy Manager, you must be in Advanced View to edit the rule.) Use Pattern Match and for the pattern use: %0x4d5a%* 4WatchGuard Training

5 5 Updated CLI Help Text for Wireless Guest Hotspot The CLI help text was updated for wireless guest hotspot commands to indicate that the imported text file should be UTF-8 encoded. UTF-8 format is required to support languages that use double- byte character sets. This affects the CLI Help for these commands: wireless guest hotspot welcome-message from wireless guest hotspot terms-text from 5WatchGuard Training

6 6 Add a Range or Subnet to the SSO Exceptions List You can now add a range of IP addresses or a subnet to the SSO Exceptions list in Policy Manager, the Web UI, and the CLI 6WatchGuard Training Policy Manager Fireware XTM Web UI

7 7WatchGuard Training Add a Range or Subnet to the SSO Exceptions List For the CLI, three options were added to the auth-setting single- sign-on except-ip command. These options allow users to add a host IP address, IP address range, or subnet to the SSO Exceptions list. Previously, you could only type one or more individual IP addresses. New parameters: host range subnet 7WatchGuard Training

8 8 Web UI Flexibility in the Tunnel Address for a Policy Member The Web UI now supports a host range or network IP address when you add a Tunnel Address as a member of a policy. Options include: Host IP Host Range Network IP Previously, the Web UI only enabled configuration of a single IP address for a Tunnel Address in a policy. 8

9 Edit an Alias from a Policy In previous releases, to make changes to the members of an alias, you had to open the Aliases dialog box. You can now select an alias in the New Policy Properties or Edit Policy Properties dialog boxes, and click Edit to add or delete members of the alias. 9WatchGuard Training

10 Changes to Proxy Policy Logging Settings You can now also send a log message when an SMTP command is denied. On the SMTP Proxy Action Configuration General Settings page, select the Send a log message when an SMTP command is denied check box. 10 WatchGuard Training

11 11 Updated Default WebBlocker Exception Updated the default WebBlocker exception for watchguard.com in Policy Manager Old: *.watchguard.com/* New: ^[0-9a-zA-Z_\-.]{1,256}\.watchguard\.com/ More closely matches the WatchGuard domain. URLs that use as a path in the URL no longer match this WebBlocker Exception. For example, a URL such as no longer matches the default WebBlocker exception for WatchGuard.www.watchguard.com Applies only to new configurations created in Policy Manager v or later. It does not apply to the Web UI. Your existing configuration does not change when you upgrade from a previous 11.x version. To correct the WebBlocker Exception in your existing configuration: From Policy Manager, edit your WebBlocker action and go to the Exceptions tab. Edit the WatchGuard exception. Change the Match Type to Regular Expression and use this expression: ^[0-9a-zA-Z_\-.]{1,256}\.watchguard\.com/ 11

12 Summary

13 Summary Fireware XTM v includes many new features: DHCP release and renew functionality in Web UI and CLI Updated CLI help text for wireless guest hotspot Ability to add an IP address range or subnet to the SSO Exceptions list Support in Web UI to use a host range or network IP address when you add a Tunnel Address as a member of a policy Edit an alias from within a policy Ability to send a log message when an SMTP command is denied Updated default WebBlocker exception for watchguard.com 13 WatchGuard Training

14 THANK YOU!


Download ppt "Whats New in Fireware XTM v11.3.2. 2WatchGuard Training New Features in Fireware XTM v11.3.2 DHCP release and renew functionality in Web UI and CLI Updated."

Similar presentations


Ads by Google